i'm attempting to set up my ec2 instance (running amazon linux which as i understand is built on RHEL 5) to forward log messages to loggentries.com but nothing is getting forwarded. as a sanity check i followed the instructions in this article to set up another ec2 instance as the central server and found that messages are not being received. So I tried executing logger -p cron.info TEST on the client machine and found nothing is added to /var/log/cron! Something is clearly not working! But rsyslogd is running:

1 Answer
1

The only thing you need in rsyslog.conf to forward to a remote IP address is

*.* @@192.0.2.25:514;

Regarding your other question...

I tried executing logger -p cron.info TEST on the client machine and found nothing is added to /var/log/cron!

Be sure you restart rsyslogd after changing the configuration; you also need to be sure that /var/log/cron exists.

EDIT

To demonstrate what successful log entries look like, I started rsyslogd with rsyslogd -c4 -d; this sends all debugging to my ssh session. I am logging cron.info to /var/log/syslog. In a different ssh session, I ran logger -p cron.info "my test again"... this is what I see before it logs successfully to /var/log/syslog...

i restarted rsyslogd (service rsyslog restart) and /var/log/cron does exist but is empty. i think the fact that nothing is forwarding is probably because nothing is even being written to logs.
–
hackerhasidJul 15 '12 at 15:00

then start rsyslogd with -d and tell us what happens when you try logging again
–
Mike PenningtonJul 15 '12 at 15:01

this seems to have been a stupid mistake on my part. i rewrote the config file by hand and restarted the service and it seems to work fine. thanks for your help!
–
hackerhasidJul 15 '12 at 15:42